<?php
if(!defined('SABLOG_ROOT')) {
	exit('Access Denied');
}
session_start();

$articleid = intval($_GET['id']);
$alias = sax_addslashes($_GET['alias']);
$where = '';
if ($articleid) {
	$where = " AND articleid='$articleid'";
} elseif ($alias) {
	$where = " AND alias='$alias' LIMIT 1";
} else {
	message('缺少参数', './');
}

// 获取文章信息
$article = $DB->fetch_one_array("SELECT a.*,c.name as cname,c.url as curl, u.username
	FROM {$db_prefix}articles a
	LEFT JOIN {$db_prefix}categories c ON c.cid=a.cid
	LEFT JOIN {$db_prefix}users u ON a.uid=u.userid
	WHERE a.visible='1'".$where);
if (!$article) {
	message('记录不存在', $options['url']);
}

//记录浏览过的文章
if(!$_COOKIE['articleids'][$article['articleid']]){
	scookie('articleids['.$article['articleid'].']', $article['articleid']);
}

//获取连接
$article['url'] = getpermalink($article['articleid'], $article['alias'], 0, sadate('Y/m/d',$article['dateline']));
$article['userurl'] = getuserlink($article['username']);
$article['cateurl'] = getcatelink($article['cid'], $article['curl']);

if ($_POST['readpassword'] && ($article['readpassword'] == sax_addslashes($_POST['readpassword']))) {
	scookie('readpassword_'.$article['articleid'], sax_addslashes($_POST['readpassword']), 2592000); //一个月
}
//设置文章的分类名、作者、TAG、标题成为meta\title信息
$options['meta_keywords'] = $article['keywords'].(($article['keywords'] && $options['meta_keywords']) ? ',' : '').$options['meta_keywords'];
$meta_description = make_description($article['description'],$options['meta_article_description']);
$options['meta_description'] = $article['title'] . ($options['meta_article_description'] ? ($meta_description ? ' - '.$meta_description : ' - '.make_description($article['content'],$options['meta_article_description'])) : '');
$options['title_keywords'] = $options['title_keywords'] ? ' - '.$options['title_keywords'] : '';

if ($article['readpassword'] && ($_COOKIE['readpassword_'.$article['articleid']] != $article['readpassword']) && $sax_group != 1 && $sax_group != 2) {
	$article['allowread'] = 0;
} else {
	$article['allowread'] = 1;
	$DB->unbuffered_query("UPDATE {$db_prefix}articles SET views=views+1 WHERE articleid='".$article['articleid']."'");

	//一篇文章的每页评论显示数量
	$article_comment_num = intval($options['article_comment_num']);

	// 跳转
	$goto = $_GET['goto'];
	if ($goto == 'next') {
		//跳转到下一篇文章
		$row = $DB->fetch_one_array("SELECT articleid,alias,dateline FROM {$db_prefix}articles WHERE dateline > '".$article['dateline']."' AND visible='1' ORDER BY dateline ASC LIMIT 1");
		if($row) {
			if ($options['showmsg']) {
				message('正在读取.请稍侯.', redirect_permalink($row['articleid'], $row['alias'], 0, sadate('Y/m/d',$row['dateline'])));
			} else {
				@header('Location: '.redirect_permalink($row['articleid'], $row['alias'], 0, sadate('Y/m/d',$row['dateline'])));
			}
		} else {
			message('没有比当前更早的文章', redirect_permalink($article['articleid'], $row['alias'], 0, sadate('Y/m/d',$article['dateline'])));
		}
	} elseif ($goto == 'previous') {
		//跳转到上一篇文章
		$row = $DB->fetch_one_array("SELECT articleid,alias,dateline FROM {$db_prefix}articles WHERE dateline < '".$article['dateline']."' AND visible='1' ORDER BY dateline DESC LIMIT 1");
		if($row) {
			if ($options['showmsg']) {
				message('正在读取.请稍侯.', redirect_permalink($row['articleid'], $row['alias'], 0, sadate('Y/m/d',$row['dateline'])));
			} else {
				@header('Location: '.redirect_permalink($row['articleid'], $row['alias'], 0, sadate('Y/m/d',$row['dateline'])));
			}
		} else {
			message('没有比当前更早的文章', redirect_permalink($article['articleid'], $row['alias'], 0, sadate('Y/m/d',$article['dateline'])));
		}
	}

	//隐藏变量,默认模板用不着,方便那些做模板可以单独显示月份和号数的的朋友.
	$article['month'] = sadate('M', $article['dateline']);
	$article['day'] = sadate('d', $article['dateline']);
	$article['dateline'] = sadate($options['normaltime'], $article['dateline']);

	//附件
	if ($article['attachments']) {
		require_once(SABLOG_ROOT.'include/func/attachment.func.php');
		$attachs= unserialize(sax_stripslashes($article['attachments']));
		if (is_array($attachs)) {
			foreach ($attachs AS $attach) {
				$a_path = $options['attachments_dir'].$attach['filepath'];
				if (file_exists(SABLOG_ROOT.$a_path)) {
					$a_ext = strtolower(getextension($attach['filename']));
					if ($a_ext == 'gif' || $a_ext == 'jpg' || $a_ext == 'jpeg' || $a_ext == 'png') {
						$imagesize = getimagesize(SABLOG_ROOT.$a_path);
						$a_size = sizecount($attach['filesize']);
						$a_thumb_path = $options['attachments_dir'].$attach['thumb_filepath'];
						if ($attach['thumb_filepath'] && $options['attachments_thumbs'] && file_exists($a_thumb_path)) {
							$article['image'][$attach['attachmentid']]=array($attach['attachmentid'],$a_thumb_path,$a_size,$attach['thumb_width'],$attach['thumb_height'],$attach['downloads'],1,$attach['filename']);
						} else {
							// 如果缩略图不存在
							$size = explode('x', strtolower($options['attachments_thumbs_size']));
							$im = scale_image( array(
								'max_width'  => $size[0],
								'max_height' => $size[1],
								'cur_width'  => $imagesize[0],
								'cur_height' => $imagesize[1]
							));
							$article['image'][$attach['attachmentid']]=array($attach['attachmentid'],$a_path,$a_size,$im['img_width'],$im['img_height'],$attach['downloads'],0,$attach['filename']);
						}
					} elseif ($a_ext == 'mp3'){
						// 是mp3
						$a_size = sizecount($attach['filesize']);	
						$article['mp3'][$attach['attachmentid']]=array($attach['attachmentid'],$attach['filename'],$a_path,$a_size,$attach['downloads']);
    					$tmpchars='ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz'; 
					    $string='';
					    for($len = 6 ; $len >= 1 ; $len--)
						{
					    	$position=rand(0,500)%strlen($tmpchars);
							$string.=substr($tmpchars,$position,1);
						}
						$_SESSION['skd'] = $string;
					} else {
						// 如果非图片文件
						$a_size = sizecount($attach['filesize']);
						$article['file'][$attach['attachmentid']]=array($attach['attachmentid'],$attach['filename'],$a_size,$attach['downloads']);
					}
				}
			}
			//如果空,释放掉变量
			$attachmentids=array();

			$article['content'] = preg_replace("/\[attach=(\d+)\]/ie", "upload('\\1')", $article['content']);

			foreach($attachmentids as $key => $value){
				if($article['image'][$value]){
					unset($article['image'][$value]);
				}
				if($article['file'][$value]){
					unset($article['file'][$value]);
				}
			}
		}
	}
	// 获取附件结束

	//处理PHP高亮
	$article['content'] = preg_replace("/\s*\[php\](.+?)\[\/php\]\s*/ies", "phphighlite('\\1')", $article['content']);

	//TAGS
	if ($article['keywords']) {
		$tagdb = explode(',', $article['keywords']);
		$articletags = $tmark = '';
		foreach($tagdb as $tag) {
			$tag = trim($tag);
			$articletags .= $tmark.'<a href="'.gettaglink(urlencode($tag)).'">'.htmlspecialchars($tag).'</a>';
			//相关文章用
			$tags .= $tmark."'".sax_addslashes($tag)."'";
			$tmark = ', ';
			$article['content'] = highlight_tag($article['content'], $tag);
		}
		$article['alltags'] = $articletags;
		// 如果显示相关文章
		if ($options['related_shownum']) {
			$query = $DB->query("SELECT aids FROM {$db_prefix}tags WHERE tag IN ($tags)");
			$relaids = 0;
			while ($tag = $DB->fetch_array($query)) {
				$relaids .= ','.$tag['aids'];
			}
			$relids = explode(',', $relaids);
			// 清除重复值的单元并删除当前ID
			$relids = array_unique($relids);
			$relids = array_flip($relids);
			unset($relids[$article['articleid']]);
			$relids = array_flip($relids);
			////////
			$related_total = count($relids);
			$relids = implode(',',$relids);
			if ($related_total > 1 && $relids != $article['articleid']) {
				$query = $DB->query("SELECT articleid,title,views,comments,alias,dateline FROM {$db_prefix}articles WHERE visible='1' AND articleid IN ($relids) ORDER BY dateline DESC LIMIT ".intval($options['related_shownum']));

				$titledb = array();
				while ($title = $DB->fetch_array($query)) {
					$title['url'] = getpermalink($title['articleid'], $title['alias'], 0, sadate('Y/m/d',$article['dateline']));
					$title['title'] = trimmed_title($title['title'], $options['related_title_limit']);
					$titledb[] = $title;
				}
				unset($title);
				$DB->free_result($query);
			}
		}
		unset($articletags);
	}

	// Trackback
	if ($options['enable_trackback'] && $article['trackbacks']) {
		$tborderid = 0;
		$tborder = $options['trackback_order'] ? 'ASC' : 'DESC';
		$query = $DB->query("SELECT title,dateline,excerpt,url,blog_name FROM {$db_prefix}trackbacks WHERE visible='1' AND articleid='".$article['articleid']."' ORDER BY trackbackid ".$tborder);
		$trackbackdb=array();
		while ($trackback = $DB->fetch_array($query)) {
			$tborderid++;
			$trackback['tborderid'] = $tborderid;
			$trackback['url'] = sax_stripslashes($trackback['url']);
			$trackback['title'] = sax_stripslashes($trackback['title']);
			$trackback['blog_name'] = sax_stripslashes($trackback['blog_name']);
			$trackback['excerpt'] = sax_stripslashes($trackback['excerpt']);
			$trackback['dateline'] = sadate($options['comment_timeformat'], $trackback['dateline']);
			$trackbackdb[] = $trackback;
		}
		unset($trackback);
		$DB->free_result($query);
	}

	// 评论
	if ($article['comments']) {
		$commentsql = '';
		if($article_comment_num) {
			if($page) {
				$cmtorderid = ($page - 1) * $article_comment_num;
				$start_limit = ($page - 1) * $article_comment_num;
			} else {
				$cmtorderid = 0;
				$start_limit = 0;
				$page = 1;
			}
			$multipage = multi($article['comments'], $article_comment_num, $page, $article['url']);
			$commentsql = " LIMIT $start_limit, $article_comment_num";
		}
		$cmtorder = $options['comment_order'] ? 'ASC' : 'DESC';
		$query = $DB->query("SELECT commentid,author,url,email,dateline,content FROM {$db_prefix}comments WHERE articleid='".$article['articleid']."' AND visible='1' ORDER BY commentid $cmtorder $commentsql");
		$commentdb=array();
		while ($comment=$DB->fetch_array($query)) {
			$cmtorderid++;
			$comment['cmtorderid'] = $cmtorderid;
			$comment['quoteuser'] = $comment['author'];
			if ($comment['url']) {
				$comment['author'] = '<a href="'.$comment['url'].'" target="_blank">'.$comment['author'].'</a>';
			}
			$comment['content'] = html_clean($comment['content']);
			$comment['dateline'] = sadate($options['comment_timeformat'], $comment['dateline']);
			$comment['avataraddress'] = md5( $comment['email'] );
			$commentdb[]=$comment;
		}
		unset($comment);
		$DB->free_result($query);
	}
	if ($options['seccode'] && $sax_group != 1 && $sax_group !=2) {
		$seccode = random(4, 1);
	}
}

$options['title'] = settitle($article['title']);
$pagefile = 'show';

?>